Ensure Burp and the OWASP BWA VM are running and that Burp is configured in the Firefox browser used to view the OWASP BWA applications.
- From the OWASP BWA Landing page, click the link to the OWASP Mutillidae II application.
- Open the Firefox browser on the login screen of OWASP Mutillidae II. From the top menu, click Login.
- Find the request you just performed within the Proxy | HTTP history table. Look for the call to the login.php page. Highlight the message, move your cursor into the Raw tab of the Request tab, right-click, and click on Send to Intruder:
- Switch over to the Intruder | Positions tab, and clear all Burp-defined ...